NotCVE - vendor:"Cyberchimps" product:"Gutenberg \& Elementor Templates Importer For Responsive" version:"

1 results (0.003 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-12073 – Responsive Ready Sites Importer <= 2.2.6 - Unprotected AJAX Actions

https://notcve.org/view.php?id=CVE-2020-12073

The responsive-add-ons plugin before 2.2.7 for WordPress has incorrect access control for wp-admin/admin-ajax.php?action= requests. El plugin responsive-add-ons en versiones anteriores a la 2.2.7 para Wordpress tiene control de acceso incorrecto para las peticiones wp-admin/admin-ajax.php? acción=. The Responsive Ready Sites Importer for WordPress is vulnerable to authorization bypass due missing capability checks on several AJAX actions in versions up to, and including, 2.2.6. • https://www.wordfence.com/blog/2020/03/severe-flaws-patched-in-responsive-ready-sites-importer-plugin • CWE-863: Incorrect Authorization •